csrf missing in flatpages

Question

k1000 opened this issue 14 years ago · comments

in flatpages/view.py

FIX
needs import:
"from django.views.decorators.csrf import csrf_protect"

and decorate "multilingual_flatpage" view with "@csrf_protect"

Jonas Obrist · Answer 1 · Sun Sep 05 2010 16:03:46 GMT+0800 (China Standard Time)

other fix is to use the csrf middlewares. if anything happens to the flatpages app in mlng, it'll be deleted.

k1000 · Answer 2 · Sun Sep 05 2010 17:36:18 GMT+0800 (China Standard Time)

it's a way how it work in original flatpages in the latest trunk. So I think its expected solution.

Jonas Obrist · Answer 3 · Mon Sep 06 2010 23:56:25 GMT+0800 (China Standard Time)

yes but flatpages in MLNG is just another thing I have to maintain that does not really serve a core purpose.

k1000 · Answer 4 · Tue Sep 07 2010 02:57:38 GMT+0800 (China Standard Time)

anyway thank you for sharing :)